<?php
ob_start();
session_start();
include_once ('../../config.php');

$user = htmlspecialchars($_POST['naam'],ENT_QUOTES);
$pass = md5(htmlspecialchars($_POST['password'],ENT_QUOTES));
// echo $pass;
// echo $user;
$i = 0;

while($i < 10000000 ) {
	$i++;
}
/* @annotation(Gunirus): MD5 codering in javascript laten gebeuren */

$sql = "SELECT * FROM logins WHERE login='$user' AND password='".$pass."'";

$result = mysql_query($sql,$conn) or die(mysql_error()) ;

if ($debug == 1) {
	var_dump($sql,$result);
}

if( mysql_num_rows( $result ) != 1 ) {
echo "Het wachtwoord of de gebruikersnaam is verkeerd. Klik <a href=blaat>hier</a> om een nieuw wachtwoord in te stellen.";
//echo $pass;
} else {


$row = mysql_fetch_array( $result );
$_SESSION['user'] = $user;
$_SESSION['rang'] = $row['rang'];
$_SESSION['userid'] = $row['id'];
$_SESSION['rangid'] = $row['rangid'];
if ($debug == 1) {
var_dump($row);
}
echo "Login correct";

}
?>
<?php
ob_end_flush(); 
?>
